masq
/
halfapi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[auth] dont activate authenticationMiddleware if secret is missing. NO SECRET ONLY IN FULLY PUBLIC DOMAINS!!!

This commit is contained in:
Maxime Alves LIRMM@home 2022-01-21 14:39:34 +01:00
parent 979007f287
commit 2e5680d29a
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
halfapi/halfapi.py
View File

@ -129,10 +129,11 @@ class HalfAPI(Starlette):
self.add_route('/', JSONRoute(schemas))
self.add_middleware(
AuthenticationMiddleware,
backend=JWTAuthenticationBackend()
)
if SECRET:
self.add_middleware(
AuthenticationMiddleware,
backend=JWTAuthenticationBackend()
)
if not PRODUCTION:
self.add_middleware(